138.68.48.127 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	May 7 22:44:38 electroncash sshd[3476]: Failed password for invalid user cye from 138.68.48.127 port 57916 ssh2 May 7 22:48:37 electroncash sshd[4505]: Invalid user ray from 138.68.48.127 port 39816 May 7 22:48:37 electroncash sshd[4505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.127 May 7 22:48:37 electroncash sshd[4505]: Invalid user ray from 138.68.48.127 port 39816 May 7 22:48:38 electroncash sshd[4505]: Failed password for invalid user ray from 138.68.48.127 port 39816 ssh2 ...	2020-05-08 07:07:38
attackbotsspam	Bruteforce detected by fail2ban	2020-05-07 23:06:38
attackspambots	May 2 11:23:38 h1745522 sshd[17676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.127 user=root May 2 11:23:39 h1745522 sshd[17676]: Failed password for root from 138.68.48.127 port 47830 ssh2 May 2 11:27:23 h1745522 sshd[17851]: Invalid user tams from 138.68.48.127 port 59102 May 2 11:27:23 h1745522 sshd[17851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.127 May 2 11:27:23 h1745522 sshd[17851]: Invalid user tams from 138.68.48.127 port 59102 May 2 11:27:25 h1745522 sshd[17851]: Failed password for invalid user tams from 138.68.48.127 port 59102 ssh2 May 2 11:32:06 h1745522 sshd[17973]: Invalid user osmc from 138.68.48.127 port 42170 May 2 11:32:06 h1745522 sshd[17973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.127 May 2 11:32:06 h1745522 sshd[17973]: Invalid user osmc from 138.68.48.127 port 42170 May 2 11:32:06 ...	2020-05-02 18:28:34
attackbotsspam	$f2bV_matches	2020-04-29 02:53:10
attack	2020-04-26T06:39:13.1533251495-001 sshd[40703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.127 2020-04-26T06:39:13.1463921495-001 sshd[40703]: Invalid user nuxeo from 138.68.48.127 port 40742 2020-04-26T06:39:15.6250771495-001 sshd[40703]: Failed password for invalid user nuxeo from 138.68.48.127 port 40742 ssh2 2020-04-26T06:42:03.3626171495-001 sshd[40834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.127 user=root 2020-04-26T06:42:05.1720191495-001 sshd[40834]: Failed password for root from 138.68.48.127 port 34374 ssh2 2020-04-26T06:44:55.9298021495-001 sshd[40946]: Invalid user leslie from 138.68.48.127 port 56234 ...	2020-04-26 19:41:22
attackbots	Apr 22 10:38:08 mail sshd\[12240\]: Invalid user pk from 138.68.48.127 Apr 22 10:38:08 mail sshd\[12240\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.127 Apr 22 10:38:10 mail sshd\[12240\]: Failed password for invalid user pk from 138.68.48.127 port 33170 ssh2 ...	2020-04-22 16:38:32
attack	Apr 16 07:00:06 web1 sshd\[1883\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.127 user=root Apr 16 07:00:07 web1 sshd\[1883\]: Failed password for root from 138.68.48.127 port 43558 ssh2 Apr 16 07:03:54 web1 sshd\[2289\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.127 user=root Apr 16 07:03:57 web1 sshd\[2289\]: Failed password for root from 138.68.48.127 port 52854 ssh2 Apr 16 07:07:38 web1 sshd\[2643\]: Invalid user uj from 138.68.48.127 Apr 16 07:07:38 web1 sshd\[2643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.127	2020-04-17 01:59:31

Comments on same subnet:

IP	Type	Details	Datetime
138.68.48.118	attack	Exploited Host.	2020-07-26 02:43:37
138.68.48.118	attackbots	$f2bV_matches	2020-05-17 03:39:24
138.68.48.118	attack	May 15 12:26:30 124388 sshd[11986]: Invalid user rado from 138.68.48.118 port 40252 May 15 12:26:30 124388 sshd[11986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.118 May 15 12:26:30 124388 sshd[11986]: Invalid user rado from 138.68.48.118 port 40252 May 15 12:26:32 124388 sshd[11986]: Failed password for invalid user rado from 138.68.48.118 port 40252 ssh2 May 15 12:30:06 124388 sshd[12118]: Invalid user cuc from 138.68.48.118 port 48306	2020-05-16 02:15:48
138.68.48.118	attack	Invalid user sergio from 138.68.48.118 port 56288	2020-05-03 12:15:56
138.68.48.118	attackbots	Apr 30 15:51:15 legacy sshd[27817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.118 Apr 30 15:51:17 legacy sshd[27817]: Failed password for invalid user ramesh from 138.68.48.118 port 59056 ssh2 Apr 30 15:55:07 legacy sshd[27893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.118 ...	2020-04-30 22:02:54
138.68.48.118	attackbots	Apr 27 07:40:28 srv01 sshd[21628]: Invalid user muhl from 138.68.48.118 port 51722 Apr 27 07:40:28 srv01 sshd[21628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.118 Apr 27 07:40:28 srv01 sshd[21628]: Invalid user muhl from 138.68.48.118 port 51722 Apr 27 07:40:30 srv01 sshd[21628]: Failed password for invalid user muhl from 138.68.48.118 port 51722 ssh2 Apr 27 07:44:15 srv01 sshd[21721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.118 user=root Apr 27 07:44:17 srv01 sshd[21721]: Failed password for root from 138.68.48.118 port 34942 ssh2 ...	2020-04-27 13:46:04
138.68.48.118	attackbotsspam	5x Failed Password	2020-04-12 07:47:09
138.68.48.118	attack	Apr 6 00:19:26 cloud sshd[20792]: Failed password for root from 138.68.48.118 port 56456 ssh2 Apr 8 14:43:09 cloud sshd[18975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.118	2020-04-08 21:27:55
138.68.48.118	attackbotsspam	Apr 6 20:12:13 ny01 sshd[24354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.118 Apr 6 20:12:15 ny01 sshd[24354]: Failed password for invalid user admin from 138.68.48.118 port 48278 ssh2 Apr 6 20:15:49 ny01 sshd[24753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.48.118	2020-04-07 08:39:11
138.68.48.118	attack	Apr 4 15:37:58 vpn01 sshd[12142]: Failed password for root from 138.68.48.118 port 49230 ssh2 ...	2020-04-04 21:43:04
138.68.48.118	attackspam	SSH/22 MH Probe, BF, Hack -	2020-03-30 19:24:10
138.68.48.118	attackbots	Mar 27 05:59:58 *** sshd[31808]: Invalid user xi from 138.68.48.118	2020-03-27 14:53:42
138.68.48.118	attackspam	Port Scan detected from 138.68.48.118 (US/United States/California/Santa Clara/-). 4 hits in the last 190 seconds	2020-03-22 16:49:34
138.68.48.118	attackspambots	Mar 20 05:22:49 lnxded64 sshd[7761]: Failed password for root from 138.68.48.118 port 50272 ssh2 Mar 20 05:22:49 lnxded64 sshd[7761]: Failed password for root from 138.68.48.118 port 50272 ssh2	2020-03-20 12:45:27
138.68.48.118	attackbotsspam	SSH login attempts.	2020-03-19 12:18:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.48.127
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1247
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.48.127.			IN	A

;; AUTHORITY SECTION:
.			328	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041501 1800 900 604800 86400

;; Query time: 126 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 17 01:59:25 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 127.48.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 127.48.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.212	attackbotsspam	Aug 16 22:55:31 marvibiene sshd[11840]: Failed password for root from 222.186.175.212 port 42766 ssh2 Aug 16 22:55:35 marvibiene sshd[11840]: Failed password for root from 222.186.175.212 port 42766 ssh2	2020-08-17 04:56:40
222.186.169.192	attack	Aug 16 20:58:14 scw-6657dc sshd[31109]: Failed password for root from 222.186.169.192 port 3264 ssh2 Aug 16 20:58:14 scw-6657dc sshd[31109]: Failed password for root from 222.186.169.192 port 3264 ssh2 Aug 16 20:58:17 scw-6657dc sshd[31109]: Failed password for root from 222.186.169.192 port 3264 ssh2 ...	2020-08-17 05:00:26
71.58.90.64	attack	Aug 16 20:17:35 onepixel sshd[2657758]: Failed password for root from 71.58.90.64 port 58524 ssh2 Aug 16 20:21:01 onepixel sshd[2659662]: Invalid user xl from 71.58.90.64 port 35802 Aug 16 20:21:01 onepixel sshd[2659662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.58.90.64 Aug 16 20:21:01 onepixel sshd[2659662]: Invalid user xl from 71.58.90.64 port 35802 Aug 16 20:21:03 onepixel sshd[2659662]: Failed password for invalid user xl from 71.58.90.64 port 35802 ssh2	2020-08-17 04:31:57
183.89.26.208	attack	Telnet Honeypot -> Telnet Bruteforce / Login	2020-08-17 05:11:34
129.152.141.71	attackspambots	2020-08-16T16:34:17.069089sorsha.thespaminator.com sshd[3380]: Invalid user laurent from 129.152.141.71 port 56645 2020-08-16T16:34:19.286648sorsha.thespaminator.com sshd[3380]: Failed password for invalid user laurent from 129.152.141.71 port 56645 ssh2 ...	2020-08-17 04:47:55
185.230.127.234	attack	0,23-12/04 [bc01/m22] PostRequest-Spammer scoring: zurich	2020-08-17 05:10:36
111.85.96.173	attackbotsspam	Aug 16 17:34:07 vps46666688 sshd[21143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.85.96.173 Aug 16 17:34:08 vps46666688 sshd[21143]: Failed password for invalid user test from 111.85.96.173 port 19483 ssh2 ...	2020-08-17 04:58:38
212.47.229.4	attack	prod8 ...	2020-08-17 04:34:06
222.186.15.158	attackspam	Aug 16 20:38:06 rush sshd[7520]: Failed password for root from 222.186.15.158 port 34448 ssh2 Aug 16 20:38:17 rush sshd[7522]: Failed password for root from 222.186.15.158 port 36604 ssh2 Aug 16 20:38:19 rush sshd[7522]: Failed password for root from 222.186.15.158 port 36604 ssh2 ...	2020-08-17 04:38:42
115.217.253.115	attack	DATE:2020-08-16 22:34:35, IP:115.217.253.115, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-08-17 04:36:14
149.56.130.61	attackspambots	Aug 16 13:30:38 dignus sshd[17396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.130.61 user=root Aug 16 13:30:40 dignus sshd[17396]: Failed password for root from 149.56.130.61 port 58866 ssh2 Aug 16 13:34:20 dignus sshd[17954]: Invalid user newuser from 149.56.130.61 port 39690 Aug 16 13:34:20 dignus sshd[17954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.130.61 Aug 16 13:34:22 dignus sshd[17954]: Failed password for invalid user newuser from 149.56.130.61 port 39690 ssh2 ...	2020-08-17 04:42:54
222.186.169.194	attackspam	Aug 16 22:58:51 nextcloud sshd\[24274\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.194 user=root Aug 16 22:58:53 nextcloud sshd\[24274\]: Failed password for root from 222.186.169.194 port 28490 ssh2 Aug 16 22:59:02 nextcloud sshd\[24274\]: Failed password for root from 222.186.169.194 port 28490 ssh2	2020-08-17 05:03:28
202.175.113.123	attack	20/8/16@16:34:13: FAIL: Alarm-Network address from=202.175.113.123 20/8/16@16:34:13: FAIL: Alarm-Network address from=202.175.113.123 ...	2020-08-17 04:53:36
188.165.230.118	attackspambots	188.165.230.118 - - [16/Aug/2020:21:45:35 +0100] "POST /wp-login.php HTTP/1.1" 200 6354 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 188.165.230.118 - - [16/Aug/2020:21:47:53 +0100] "POST /wp-login.php HTTP/1.1" 200 6354 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 188.165.230.118 - - [16/Aug/2020:21:49:25 +0100] "POST /wp-login.php HTTP/1.1" 200 6354 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-08-17 04:56:18
156.96.62.82	attack	Rude login attack (40 tries in 1d)	2020-08-17 04:36:30

Recently Reported IPs

77.229.174.102	15.250.198.206	18.5.217.9	116.104.100.139
120.51.133.132	32.73.193.216	201.107.22.46	56.163.21.94
182.146.55.1	249.224.135.57	167.216.99.60	55.108.142.88
46.70.95.132	28.22.116.104	223.187.140.210	134.232.72.232
169.95.197.231	38.192.54.85	227.153.32.108	2.95.28.61